static int parseStructure(KSI_TLV *tlv, int indent) { int res; KSI_TLV *nested = NULL; KSI_LIST(KSI_TLV) *list = NULL; size_t i; KSI_Utf8String *utf = NULL; KSI_Integer *integer = NULL; KSI_OctetString *octet = NULL; switch (KSI_TLV_getTag(tlv)) { case 0x01: /* Cast as numeric TLV */ /* Parse number */ res = KSI_Integer_fromTlv(tlv, &integer); if (res != KSI_OK) goto cleanup; break; case 0x02: /* Cast as string TLV */ res = KSI_Utf8String_fromTlv(tlv, &utf); if (res != KSI_OK) goto cleanup; break; case 0x03: case 0x1003: res = KSI_TLV_getNestedList(tlv, &list); if (res != KSI_OK) goto cleanup; /* Parse nested */ for (i = 0; i < KSI_TLVList_length(list); i++) { res = KSI_TLVList_elementAt(list, i, &nested); if (res != KSI_OK) goto cleanup; if (nested == NULL) break; res = parseStructure(nested, indent); if (res != KSI_OK) goto cleanup; } break; case 0x04: /* Cast as octet string*/ res = KSI_OctetString_fromTlv(tlv, &octet); if (res != KSI_OK) goto cleanup; break; default: res = KSI_INVALID_FORMAT; goto cleanup; } cleanup: KSI_OctetString_free(octet); KSI_Utf8String_free(utf); KSI_Integer_free(integer); return res; }
static int publicationsFileTLV_getSignatureTLVLength(KSI_TLV *pubFileTlv, size_t *len) { int res; KSI_TLVList *list = NULL; KSI_TLV *tlvSig = NULL; const unsigned char *raw = NULL; size_t raw_len; size_t sig_len; KSI_CTX *ctx = NULL; if (pubFileTlv == NULL && len == NULL) { KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL); goto cleanup; } ctx = KSI_TLV_getCtx(pubFileTlv); KSI_ERR_clearErrors(ctx); res = KSI_TLV_getNestedList(pubFileTlv, &list); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } res = KSI_TLVList_elementAt(list, KSI_TLVList_length(list) - 1, &tlvSig); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } if (KSI_TLV_getTag(tlvSig) != 0x704) { KSI_pushError(ctx, res, "Last TLV in publications file must be signature (0x704)"); goto cleanup; } res = KSI_TLV_getRawValue(tlvSig, &raw, &raw_len); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } sig_len = raw_len; sig_len += 4; *len = sig_len; cleanup: return res; }
static int extract(KSI_CTX *ctx, void *payload, KSI_TLV *tlv, const KSI_TlvTemplate *tmpl, struct tlv_track_s *tr, size_t tr_len, size_t tr_size) { int res = KSI_UNKNOWN_ERROR; int tr_inc = 0; TLVListIterator iter; KSI_ERR_clearErrors(ctx); if (ctx == NULL || payload == NULL || tlv == NULL || tmpl == NULL || tr == NULL) { KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL); goto cleanup; } res = KSI_TLV_cast(tlv, KSI_TLV_PAYLOAD_TLV); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } res = KSI_TLV_getNestedList(tlv, &iter.list); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } iter.idx = 0; /*When extracting second tlv there is no need to register it twice because it is mention in lower level.*/ if (tr_len == 0) { tr[tr_len].tag = KSI_TLV_getTag(tlv); tr[tr_len].desc = NULL; tr_inc = 1; } res = extractGenerator(ctx, payload, (void *)&iter, tmpl, (int (*)(void *, KSI_TLV **))TLVListIterator_next, tr, tr_len + tr_inc, tr_size); if (res != KSI_OK) { char buf[1024]; KSI_LOG_debug(ctx, "Unable to parse TLV: %s", track_str(tr, tr_len, tr_size, buf, sizeof(buf))); KSI_pushError(ctx, res, buf); goto cleanup; } res = KSI_OK; cleanup: return res; }
static int generateNextTlv(struct generator_st *gen, KSI_TLV **tlv) { int res = KSI_UNKNOWN_ERROR; unsigned char *buf = NULL; size_t consumed = 0; KSI_FTLV ftlv; if (gen == NULL) { res = KSI_INVALID_ARGUMENT; goto cleanup; } if (gen->tlv != NULL) { KSI_TLV_free(gen->tlv); gen->tlv = NULL; } /* Try to parse only when there is something left to parse. */ if (gen->len > 0) { memset(&ftlv, 0, sizeof(ftlv)); res = KSI_FTLV_memRead(gen->ptr, gen->len, &ftlv); if (res != KSI_OK) { KSI_pushError(gen->ctx, res, NULL); goto cleanup; } consumed = ftlv.hdr_len + ftlv.dat_len; buf = KSI_malloc(consumed); if (buf == NULL) { KSI_pushError(gen->ctx, res = KSI_OUT_OF_MEMORY, NULL); goto cleanup; } memcpy(buf, gen->ptr, consumed); gen->ptr += consumed; gen->len -= consumed; /* Make sure the buffer is not overflowing. */ if (consumed > UINT_MAX){ KSI_pushError(gen->ctx, res = KSI_INVALID_FORMAT, "Input too large."); goto cleanup; } if (consumed > 0) { if (gen->hasSignature) { /* The signature must be the last element. */ KSI_pushError(gen->ctx, res = KSI_INVALID_FORMAT, "The signature must be the last element."); goto cleanup; } res = KSI_TLV_parseBlob2(gen->ctx, buf, (unsigned)consumed, 1, &gen->tlv); if (res != KSI_OK) { KSI_pushError(gen->ctx, res, NULL); goto cleanup; } buf = NULL; if (KSI_TLV_getTag(gen->tlv) == 0x0704) { gen->sig_offset = gen->offset; gen->hasSignature = true; } } } gen->offset += consumed; *tlv = gen->tlv; res = KSI_OK; cleanup: KSI_free(buf); return res; }
KSI_END_TLV_TEMPLATE static int replaceCalendarChain(KSI_Signature *sig, KSI_CalendarHashChain *calendarHashChain) { int res; KSI_DataHash *aggrOutputHash = NULL; KSI_TLV *oldCalChainTlv = NULL; KSI_TLV *newCalChainTlv = NULL; KSI_LIST(KSI_TLV) *nestedList = NULL; size_t i; if (sig == NULL || calendarHashChain == NULL) { res = KSI_INVALID_ARGUMENT; goto cleanup; } KSI_ERR_clearErrors(sig->ctx); res = KSI_TLV_getNestedList(sig->baseTlv, &nestedList); if (res != KSI_OK) { KSI_pushError(sig->ctx, res, NULL); goto cleanup; } if (sig->calendarChain != NULL) { for (i = 0; i < KSI_TLVList_length(nestedList); i++) { res = KSI_TLVList_elementAt(nestedList,i, &oldCalChainTlv); if (res != KSI_OK) { KSI_pushError(sig->ctx, res, NULL); goto cleanup; } if (oldCalChainTlv == NULL) { KSI_pushError(sig->ctx, res = KSI_INVALID_SIGNATURE, "Signature TLV element missing."); goto cleanup; } if (KSI_TLV_getTag(oldCalChainTlv) == 0x0802) break; } } res = KSI_TLV_new(sig->ctx, 0x0802, 0, 0, &newCalChainTlv); if (res != KSI_OK) { KSI_pushError(sig->ctx, res, NULL); goto cleanup; } res = KSI_TlvTemplate_construct(sig->ctx, newCalChainTlv, calendarHashChain, KSI_TLV_TEMPLATE(KSI_CalendarHashChain)); if (res != KSI_OK) { KSI_pushError(sig->ctx, res, NULL); goto cleanup; } res = (sig->calendarChain == NULL) ? /* In case there is no calendar hash chain attached, append a new one. */ KSI_TLV_appendNestedTlv(sig->baseTlv, newCalChainTlv) : /* Otherwise replace the calendar hash chain. */ KSI_TLV_replaceNestedTlv(sig->baseTlv, oldCalChainTlv, newCalChainTlv); if (res != KSI_OK) { KSI_pushError(sig->ctx, res, NULL); goto cleanup; } newCalChainTlv = NULL; /* The memory was freed within KSI_TLV_replaceNestedTlv. */ oldCalChainTlv = NULL; KSI_CalendarHashChain_free(sig->calendarChain); sig->calendarChain = calendarHashChain; res = KSI_OK; cleanup: KSI_nofree(nestedList); KSI_DataHash_free(aggrOutputHash); KSI_TLV_free(newCalChainTlv); return res; }
static int extractGenerator(KSI_CTX *ctx, void *payload, void *generatorCtx, const KSI_TlvTemplate *tmpl, int (*generator)(void *, KSI_TLV **), struct tlv_track_s *tr, size_t tr_len, size_t tr_size) { int res = KSI_UNKNOWN_ERROR; KSI_TLV *tlv = NULL; char buf[1024]; void *voidVal = NULL; void *compositeVal = NULL; void *valuep = NULL; KSI_TLV *tlvVal = NULL; size_t template_len = 0; bool templateHit[MAX_TEMPLATE_SIZE]; bool groupHit[2] = {false, false}; bool oneOf[2] = {false, false}; size_t i; size_t tmplStart = 0; KSI_ERR_clearErrors(ctx); if (ctx == NULL || payload == NULL || generatorCtx == NULL || tmpl == NULL || generator == NULL || tr == NULL) { KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL); goto cleanup; } /* Analyze the template. */ template_len = getTemplateLength(tmpl); if (template_len == 0) { KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Empty template suggests invalid state."); goto cleanup; } /* Make sure there will be no buffer overflow. */ if (template_len > MAX_TEMPLATE_SIZE) { KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Template too big"); goto cleanup; } memset(templateHit, 0, sizeof(templateHit)); while (1) { int matchCount = 0; res = generator(generatorCtx, &tlv); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } if (tlv == NULL) break; KSI_LOG_trace(ctx, "Starting to parse TLV[0x%02x]", KSI_TLV_getTag(tlv)); if (tr_len < tr_size) { tr[tr_len].tag = KSI_TLV_getTag(tlv); tr[tr_len].desc = NULL; } for (i = tmplStart; i < template_len; i++) { if (tmpl[i].tag != KSI_TLV_getTag(tlv)) continue; if (i == tmplStart && !tmpl[i].multiple) tmplStart++; tr[tr_len].desc = tmpl[i].descr; matchCount++; templateHit[i] = true; if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G0) != 0) groupHit[0] = true; if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G1) != 0) groupHit[1] = true; if (FLAGSET(tmpl[i], KSI_TLV_TMPL_FLG_MOST_ONE_G0)) { if (oneOf[0]) { KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "Mutually exclusive elements present within group 0."); goto cleanup; } oneOf[0] = true; } if (FLAGSET(tmpl[i], KSI_TLV_TMPL_FLG_MOST_ONE_G1)) { if (oneOf[1]) { KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "Mutually exclusive elements present within group 0."); goto cleanup; } oneOf[1] = true; } valuep = NULL; if (tmpl[i].getValue != NULL) { /* Validate the value has not been set */ res = tmpl[i].getValue(payload, (void **)&valuep); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } } if (valuep != NULL && !tmpl[i].multiple) { compositeVal = NULL; KSI_LOG_error(ctx, "Multiple occurrences of a unique tag 0x%02x", tmpl[i].tag); KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "To avoid memory leaks, a value may not be set more than once while parsing."); goto cleanup; } /* Parse the current TLV */ switch (tmpl[i].type) { case KSI_TLV_TEMPLATE_OBJECT: KSI_LOG_trace(ctx, "Detected object template for TLV value extraction."); if (tmpl[i].fromTlv == NULL) { KSI_pushError(ctx, res = KSI_UNKNOWN_ERROR, "Invalid template: fromTlv not set."); goto cleanup; } res = tmpl[i].fromTlv(tlv, &voidVal); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } res = storeObjectValue(ctx, &tmpl[i], payload, voidVal); if (res != KSI_OK) { tmpl[i].destruct(voidVal); // FIXME: Make sure, it is a valid pointer. goto cleanup; } break; case KSI_TLV_TEMPLATE_COMPOSITE: { KSI_LOG_trace(ctx, "Detected composite template for TLV value extraction."); res = tmpl[i].construct(ctx, &compositeVal); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } res = extract(ctx, compositeVal, tlv, tmpl[i].subTemplate, tr, tr_len + 1, tr_size); if (res != KSI_OK) { KSI_LOG_error(ctx, "Unable to parse composite TLV: %s", track_str(tr, tr_len, tr_size, buf, sizeof(buf))); tmpl[i].destruct(compositeVal); // FIXME: Make sure is is a valid pointer. goto cleanup; } res = storeObjectValue(ctx, &tmpl[i], payload, (void *)compositeVal); if (res != KSI_OK) { KSI_pushError(ctx, res, NULL); goto cleanup; } /* Reset the buffer. */ break; } default: KSI_LOG_error(ctx, "No template found."); /* Should not happen, but just in case. */ KSI_pushError(ctx, res = KSI_UNKNOWN_ERROR, "Undefined template type"); goto cleanup; } if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_MORE_DEFS) == 0) break; } /* Check if a match was found, an raise an error if the TLV is marked as critical. */ if (matchCount == 0 && !KSI_TLV_isNonCritical(tlv)) { char errm[1024]; KSI_snprintf(errm, sizeof(errm), "Unknown critical tag: %s", track_str(tr, tr_len + 1, tr_size, buf, sizeof(buf))); KSI_LOG_error(ctx, errm); KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errm); goto cleanup; } } /* Check that every mandatory component was present. */ for (i = 0; i < template_len; i++) { char errm[100]; if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_MANDATORY) != 0 && !templateHit[i]) { KSI_snprintf(errm, sizeof(errm), "Mandatory element missing: %s->[0x%x]%s", track_str(tr, tr_len, tr_size, buf, sizeof(buf)), tmpl[i].tag, tmpl[i].descr != NULL ? tmpl[i].descr : ""); KSI_LOG_debug(ctx, "%s", errm); KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errm); goto cleanup; } if (((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G0) != 0 && !groupHit[0]) || ((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G1) != 0 && !groupHit[1])) { KSI_snprintf(errm, sizeof(errm), "Mandatory group missing: %s->[0x%x]%s", track_str(tr, tr_len, tr_size, buf, sizeof(buf)), tmpl[i].tag, tmpl[i].descr != NULL ? tmpl[i].descr : ""); KSI_LOG_debug(ctx, "%s", errm); KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errm); goto cleanup; } } res = KSI_OK; cleanup: KSI_TLV_free(tlvVal); return res; }